Open jboero opened 3 months ago
Any update on this? This is a serious problem and a very quick solution.
OK I'll do it myself. The original systemd unit I wrote left default simple
but this time it's explicitly set to simple
as it should be.
Hello @jboero,
The systemd unit for Vault is type notify
as we've made use of systemd notify functionality in Vault for some time now.
The dangling dbus processes you're seeing are likely caused by an upstream dependency which has not been fixed yet.
A workaround that ought to resolve it for you would be to define the DBUS_SESSION_BUS_ADDRESS
environment variable before launching vault, e.g
# /etc/vault.d/vault.env
DBUS_SESSION_BUS_ADDRESS=$XDG_RUNTIME_DIR/bus
For further information you can refer to our support article.
If that doesn't resolve it please let us know.
Hi @ryancragun thanks for the update. I didn't realize you had added native dbus support to Vault.
I did just try to reproduce this on various versions of systemd and I see it's not a problem on older RHEL 8 environments. This happens since a new systemd v255.10
update came in on my test Fedora environment. I think this may actually be an issue in the future. Setting my own back to type=simple
solves the problem for me.
Installed Packages
Name : systemd
Version : 255.10
Release : 3.fc40
Architecture : x86_64
Size : 16 M
Source : systemd-255.10-3.fc40.src.rpm
Repository : @System
From repo : updates
Excellent thank you for investigating. Well done Mike Oprea
[UPDATE] this problem is reproduced with systemd v255.10.
Hi a while ago the packaging systemd units were apparently changed from
simple
tonotify
type but I'm seeing problems with unreaped failed processes. I don't think the notifications are being handled correctly. Does anybody else notice these problems?Comit by @RickyGrassmuck please advise. https://github.com/hashicorp/vault/commit/b09f3c014883e574236cee9921b52b5421177149
Failed processes are not handled and restarting a failed service just forks another instance.
And the pgrep
When using
notify
typeExecStart
should point to a script that handles dbus hooks, not the raw service binary: https://askubuntu.com/questions/1120023/how-to-use-systemd-notify [UPDATE] dbus support was added to Vault so this is no longer a problem.